Retina-X Studios , the makers of several consumer-grade monitoring products , have finally announced that they have suffered a data breach Attack.Databreach . Retina-X and FlexiSpy , another spyware maker , were attacked Attack.Databreach by two hackers / hacker groups that revealed last week how they went about compromising Attack.Databreach the companies ’ assets and made off Attack.Databreach with customer and other data . “ A hacker known for SQL exploits of great magnitude was able to find a weakness in a decompiled and decrypted version of a now-discontinued product . The vulnerability hidden inside the coded software led to a breach of the database and the eventual exploit by unauthorized individuals , ” the company noted . “ According to the report , the attacker was able to break into Attack.Databreach a server that held database tables for Net Orbit , PhoneSheriff and TeenShield . The tables held information such as login usernames , subscription keys , device metadata , text messages , GPS locations , contacts ’ information , apps installed and website logs . A third-party photo storage account was also breached Attack.Databreach . Only accounts created before February 21st , 2017 were affected. ” They were quick to point out that no payment information was compromised Attack.Databreach , and they say that the attacker has not publicly released Attack.Databreach the stolen data – and he seemingly does not plan to . They are also trying to differentiate itself from the other victim ( FlexiSpy ) , by saying that their software can ’ t be used to monitor individuals that the monitorer has no legal right to keep under surveillance ( e.g . their employees or their underage children ) , because this would violate their terms of service and the account would be terminated . “ Our child and employee monitoring software shows up as an icon and in the Installed Apps list of devices . There are also notifications to let the user of the device know that activities are being monitored , ” the company noted , while failing to mention that these notifications can be turned off and the icon removed . They also did not mention how or how quickly they are able to discover that someone is using the software to perform illegitimate surveillance . For all we know , it could be weeks or months , but even days are too much for people who are spied on in this way .

Email addresses , passwords and IP addresses were exposed . The breach Attack.Databreach , which took place in September 2015 but was only recently disclosed , compromised Attack.Databreach email addresses , passwords and IP addresses , the Daily Mail reports . The hacker 's likely aim was to profit financially from the stolen information. `` Data breaches Attack.Databreach are often sold via darkweb sites or within closed trading circles , '' Hunt told the Daily Mail . Still , Willy Leichter , vice president of marketing at CipherCloud , told eSecurity Planet by email that while the attack targeted gaming forums , any large scale breach like this should concern businesses as well . `` Users often use common passwords , security questions , or personal email addresses to access personal and work-related systems , making it easier for hackers to break into Attack.Databreach corporate networks and steal Attack.Databreach massive amounts of data , '' he said . And while all users are being advised to change their passwords , Jeff Hill , director of product management at Prevalent , said it may be too late to make a difference. `` The initial breach Attack.Databreach occurred in September 2015 , giving the attackers 17 months to operate undetected , more than enough time to find and exfiltrate Attack.Databreach enough data to profit greatly from their efforts , '' he said . `` At this point , it ’ s not even clear the breach was actually detected -- possibly the attackers simply [ wrung ] as much return as possible out of their theft , and simply discarded the remaining useless data , '' Hill added .